Template for a good false-positive report, formatted with Markdown:
- versions used (SonarQube, Scanner, language analyzer)
SonarQube ID information
Server ID: 69FF93D0-AXobHJEaf-WIDwV27NKO
Version: 8.9.1.44547
Date: 2021-09-09
C++
Qube correctly identified the TLS < 1.2, but reopened the issue after it was fixed. The fixed and reopened sample is below.
- minimal code sample to reproduce (with analysis parameter, and potential instructions to compile).
Wrap code around triple quote ``` for proper formatting
```cpp
curl_easy_setopt(curlHandle, CURLOPT_URL, url_.c_str());
curl_easy_setopt(curlHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
curl_easy_setopt(curlHandle, CURLOPT_CAINFO, "/etc/openvpn/cacert.pem");
curl_easy_setopt(curlHandle, CURLOPT_NOSIGNAL, 1l); // don't use signals
curl_easy_setopt(curlHandle, CURLOPT_FAILONERROR, 1l); // fail on any code >= 400
curl_easy_setopt(curlHandle, CURLOPT_TIMEOUT, 900l); // 15 minute timeout
curl_easy_setopt(curlHandle, CURLOPT_CONNECTTIMEOUT, 30l); // 30 second connection timeout
curl_easy_setopt(curlHandle, CURLOPT_MAXCONNECTS, 1l); // only allow a single connection
curl_easy_setopt(curlHandle, CURLOPT_NOPROGRESS, 0l);
```